Suspicious Detection System via Triple DES Algorithm: Cryptography Approach

Transcription

1 Available Online at International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology IJCSMC, Vol. 4, Issue. 5, May 2015, pg RESEARCH ARTICLE ISSN X Suspicious Detection System via Triple DES Algorithm: Cryptography Approach Nisha Rani 1 1 Research Scholar, Department of Computer Science and Engineering, Ganga Institute Of Technology & Management, Kablana ID: nishaparnala@gmail.com Mrs. Neetu Sharma 2 2 HOD (CSE Dept.), Ganga Institute Of Technology & Management, Kablana ID: neetush75@gmail.com Abstract: The paper presents a suspicious detection System which detect suspicious activities. In the paper we proposed the use of cryptography strategies for terrorists detection. Security plays a very important and crucial role in the field of Internet and for communication. So there is a need of suspicious detection system which detects all suspicious activities. The need for Suspicious detection System is increasing due to the rapid usage of communication in the Internet world. Triple Data encryption standard (DES) is a private key cryptography system that provides the security in communication system. By using an Enhanced DES algorithm the security has been improved which is very crucial in the communication and field of Internet. Keywords Cipher text, Decryption, 3DES, Encryption, Plaintext. I. INTRODUCTION is one of the most popular, fastest and cheapest means of communication. It has become a part of everyday life for millions of people, changing the way we work and collaborate. messages can be sent to an individual or groups. A single can spread among millions of people within few moments. Nowadays, most individuals even cannot imagine the life without . For those reasons, has become a widely used medium for communication of terrorists as well. A great number of researchers focused in the area of counterterrorism after the disastrous events of 9/11 trying to predict terrorist plans from suspicious communication. This also motivated us to contribute in this area. 2015, IJCSMC All Rights Reserved 552

2 In this paper, we have applied Cryptography techniques to detect suspicious s, i.e., an that alerts of upcoming terrorist events. We have applied Triple DES (Data Encryption Standard) algorithms, emphasizing initially on Given a plaintext message, the first key is used to DES- encrypt the message. The second key is used to DES-decrypt the encrypted message. (Since the second key is not the right key, this decryption just scrambles the data further.) The twice-scrambled message is then encrypted again with the first key to yield the final cipher text. This three-step procedure is called triple-triple-des is just DES done three times with two keys used in a particular order. (Triple-DES can also be done with three separate keys instead of only two. In either case the resultant key space is about 2^112.) Detecting Suspicious and criminal activities prior to the attacks and providing security to the people is the challenging task for the investigators or administrator . is a technology that includes passing and sending information from one place to another, using computer and the Internet. It is beneficial in both our personal and professional life. As Electronic mail is largely used by the terrorists for their communication, there is a need for Suspicious detection system that classifies s to detect Suspicious activities and make the administrator alert. In this paper work, we will detect the suspicious mails sent from the users who are already registered on this System. Firstly new users sign up themselves on the site to send the mails to those users who already registered and then view the messages from the registered users. Triple DES Algorithm used by admin to encrypt the messages sent to the users or sent some warnings about the other users suspicious activity. In this work, suspicious words dictionary is used to detect the suspicious words which are not actually used in the normal messaging or communication. Suspicious Detection System Suspicious detection is a kind of mailing system where suspicious users are identified by determining the keywords used by him/her. The keywords such as bomb, RDX, are found in the mails which are sent by the user. All these blocked mails are checked by the administrator and identify the users who sent such mails. The proposed work will helps in finding out anti social elements. This provides the security to system which adapts it. This also helps the intelligence bureau, crime branch etc.insurance premium calculations, for quarterly, half yearly and annually is completely automated gives us a reliable environment. The system provides claim reporting and status enquiry. The proposed work will be helpful for identifying the suspicious and also assist the investigators to get the information in time to take effective actions to reduce the criminal activities. 2015, IJCSMC All Rights Reserved 553

3 II. RELATED WORK The research in the area of analysis usually focuses on two areas namely: traffic analysis and content analysis. A lot of research has been conducted for traffic analysis [10], [11]. In the Year 2005 Keila and Skillicorn [11] have investigated on the Enron [13] data set which contains communications among employees of an organization who were involved in the collapse of the organization. The authors [11] have applied ID3 algorithm to detect suspicious s by using keyword base approach and by applying rules. They have not used any information regarding the context of the identified keywords in the s. In the Year 2007 S. Appavu & R. Rajaram [2] have applied association rule mining to detect suspicious s with the additional benefits of classifying the (suspicious in terms of terror plots) s further into specialized classes such as suspicious alert or suspicious info. This system decides whether the can be classified as suspicious alert in the presence of suspicious keyword in the future tense otherwise only it is classified as suspicious info. In the Year 2008 The authors [13], [14] incorporated feature selection strategies along with classification systems. According to [15], by using feature selection methods one can improve the accuracy, applicability, and understandability of the learning process. Selvakuberan et al. [14] have applied filtered feature selection methods [16] on web page classification; according to their results the evaluator CfsSubset Eval yields better performance with search methods Best First, Ranker search, and Forward selection. Pineda-Bautista et al. [17] proposed a method for selecting the subset of features for each class in multi-class classification task. The classifiers that were used by the authors were Naïve Baye's (NB) [6], k-nearest Neighbors (k-nn) [17], C4.5 [19], and Multi Layer Perceptron (MLP). The authors trained the classifier for each class separately by using only the features of that particular class. In the Year Smith 2007 [15]have emphasized the use of a feature selection method for achieving accuracy of sentiment classification. They proposed to apply CfsSubset Eval with the Best First search method. Different researcher used different method to implement a System that detect suspicious activities. The Proposed method used cryptography algorithm i.e. triple DES (3 Data Encryption standard) it is very fast algorithm for encrypt or decrypt the information ( message) in a successful rate. 2015, IJCSMC All Rights Reserved 554

4 We will detect the suspicious mails sent from the users who are already registered on this website. Firstly new users sign up themselves on the site to send the mails to those users who already registered and then view the messages from the registered users. Triple DES Algorithm used by admin to encrypt the messages sent to the users or sent some warnings about the other users suspicious activity. In this proposed work, suspicious words dictionary is used to detect the suspicious words which are not actually used in the normal messaging or communication. A. Triple DES Algorithm (3DES) 3DES is an enhancement of DES; it is 64 bit block size with 192 bits key size. In this standard the Encryption method is similar to the one in the original DES but applied 3 times to increase the encryption Level. Triple DES is DES three times. It comes in two flavors: One that uses three keys, and other that uses two keys. The Idea of 3-DES is shown in to the fig.1. The plain text block P is first encrypted with a key K1, then encrypted with second key K2, and finally with third key K3, where K1, K2 and K3 are different from each other. To decrypt the cipher text C and obtain the plain text, we need to perform the operation P= DK3 (DK2 (DK1 )). But in Triple DES with two keys the algorithms works as follows: [1] Encryption the plain text with key K1. Thus, we have EK1 (p). [2] Decrypt the output of step1 above with key K2. Thus, we have DK2 (EK1 (P)). [3] Finally, encrypt the output of step 2 again with key K1.Thus, we have EK1 (DK2 (EK1 (P))). The idea of 3-DES with two keys are shown in fig , IJCSMC All Rights Reserved 555

5 (Triple DES) III. PROBLEM STATEMENT The problem under consideration is to identify s that contain suspicious contents indicating terrorism events. We consider the task of suspicious detection as a System. The purpose is to formulate a System that detects suspicious activities. We cannot deny the importance of that is a major source of communication among most individuals and organizations, including terrorists and terrorist organizations. The proposed system first detect the suspicious activities when suspicious user send some suspicious message to another user and then delete that message which is basically going through , IJCSMC All Rights Reserved 556

6 The is marked as suspicious when certain keywords like bomb, attack, RDX are present in message. These keywords are inserted by Administrator by creating the data dictionary. IV. Study of Cryptography Technique Encryption: The process of encoding the plaintext into cipher text is called Encryption. Decryption: The process of decoding ciphers text to plaintext is called Decryption. This can be done by two techniques symmetric-key cryptography and asymmetric key cryptography. Symmetric key cryptography involves the usage of the same key for encryption and decryption. Asymmetric key cryptography involves the usage of one key for encryption and another, different key for decryption. V. IMPLEMENTATION DETAILS In this research work we have used triple Des algorithm to implement suspicious detection system. We have created two modules for this work. a) Admin Module. b) User Module. 2015, IJCSMC All Rights Reserved 557

7 These modules also carry sub-modules. a) Admin Module: i. Admin Login ii. Check Suspicious Mails for Admin iii. Data Dictionary for Admin iv. View Data Dictionary for Admin v. View User List for Admin vi. Create message Module for Admin b) User Module i. User Login ii. User Registration Module iii. Create Message Module for Users iv. Inbox Module for Users v. Sent Box Module for Users vi. User Forum a) Admin Module: In Admin module, admin can check all the suspicious mail which is send by suspicious users. He can view the data dictionary, see the user detail which is registered in this system as well as send the message to user. i) Admin Login In this module, admin can enter the username and password to authenticate himself to access the account panel modules. ii) Check Suspicious Mails for Admin In this module, admin can check the suspicious mail which is not actually stored into the user inbox instead of marked as suspicious status and sent it to the admin as suspicious mails with the user details. iii) Data Dictionary for Admin In this module, admin can add the suspicious words into existing data dictionary to detect more precisely and accurately the suspicious mails sent by the users. iv) View Data Dictionary for Admin In this module, admin can view the suspicious words exists into the data dictionary and also has access to delete the suspicious words from the existing data dictionary of suspicious words. 2015, IJCSMC All Rights Reserved 558

8 v) View Users List for Admin In this module, admin can view the registered users and their full details and has access to delete the users if any of the registered users are found to do the suspicious activity on the website. vi) Create message Module for admin In this module, admin can select the username and then enter the message along with the subject and also the input encryption key which is used for encrypt the message as well as the subject and then send it to the selected user and message and subject are both stored into the user inbox. b) User Module: In this, user can send message to another user and that message will be encrypt in some way by using some key. When user(sender) send message to another user he has to enter their name, subject, key, and type their message. id is already registered at the time of user registration. Then that key will be send to the user(receiver) gmail inbox. He can see their key and the decrypt their message and see the message. So, the main benefit of this system it provides security as well as suspicious mails and suspicious user can easily identified. Platform To implement a system, we have used Programming Language Advanced Java; NetBeans as a front end IDE, MySQL Server as a database for storing data and supported Operating System are WINDOWS XP & its above versions. SCREENSHOTS Suspicious detection system 2015, IJCSMC All Rights Reserved 559

9 Login module Admin Account Panel Check suspicious s 2015, IJCSMC All Rights Reserved 560

10 Message Panel Create suspicious words User List Module Compose message module for admin 2015, IJCSMC All Rights Reserved 561

11 Show message panel 2015, IJCSMC All Rights Reserved 562

12 User Login Module Registration Module Create message module for user 2015, IJCSMC All Rights Reserved 563

13 Sent box message module for user User Forum Module VI. CONCLUSION The proposed System is solved the problem definition by detecting the suspicious mails. Admin is created the data dictionary of suspicious words and this data dictionary makes help to detect the suspicious activity of the users. Admin further will be added the suspicious words into the existing Suspicious Words data dictionary. References [1] S.Appavu alias Balamurugan, Aravind,Athiappan, Bharathiraja,Muthu Pandian and Dr.R.Rajaram, Association Rule Mining for Suspicious Detection: A Data Mining Approach, in Proc. Of the IEEE International Conference on Intelligence and Security Informatics, New Jersey,USA, 2007, pp [2] P.S.Keila and D.B.Skillicorn, Detecting unusualand Deceptive Communication in , Technical reports June, [3] S.Appavu and R.Rajaram, Suspicious Detection via Decision Tree: A Data Mining Approach, in Journal of Computing and Information Technology CIT 15, 2007,2, pp , IJCSMC All Rights Reserved 564

14 [4] S.Appavu, R.Rajaram, G.Athiapan, M.Muthupandian, Data Mining Techniques for Suspicious Detection: A Comparative Study. Presented in IADIS European Conference DataMining 2007, pp [5]R.Agrawal, R.J.Bayardo and R.Srikant. Athena, Mining-based interactive management of text databases, In Proc. 7thInt. Conf. Extending Database Technology, Konstanz, Germany, 2000, pp [6] R.B.Segal and J.O.Kephart, MailCat: An Intelligent Assistant for Organizing , in the Proc. of 3 rd Int. Conf. on Autonomous Agents. [7] R.Agrawal and R.Srikant, Fast algorithms for mining association rules, In Proc. 20 th Int. Conf. Very Large Databases, pp , Santiago, Chile, [8] Liu, W. Hsu, and Y. Ma, Integrating classification and Data Mining, pages 80-86, New York City, NY, August [9] X. Yin, J. Han, CPAR: Classification based on predictive Association Rules, SDM 03, pages [10] A.A.Zaidan, B.B.Zaidan, Novel Approach for High Secure Data Hidden in MPEG Video Using Public Key Infrastructure, International Journal of Computer and Network Security, 2009, Vol.1, No.1, ISSN: , P.P [11] A.W.Naji, A.A.Zaidan, B.B.Zaidan, Shihab A, Othman O. Khalifa, Novel Approach of Hidden Data in the (Unused Area 2 within EXE File) Using Computation between Cryptography and Steganography, International Journal of Computer Science and Network Security (IJCSNS), Vol.9, No.5, ISSN: , pp [12] Anas Majed Hamid, Miss Laiha Mat Kiah, Hayan.T. Madhloom, B.B Zaidan, A.A Zaidan, Novel Approach for High Secure and High Rate Data Hidden in the Image Using Image Texture Analysis, International Journal of Engineering and Technology (IJET), Published by: Engg Journals Publications, ISSN: , Vol.1,NO.2,P.P [13] K.Selvakuberan, M.Indradevi, R.Rajaram, (2008). Combined feature selection and classification A novel approach for categorization of web pages. Journal of Information and Computing Science. 32pp [14] A. Arauzo-Azofra, J. M. Benitez, Empirical Study of Feature Selection Methods in Classification, In proc. of Eighth Internation Conference on Hybrid Intelligent System s, 2008, pp [15] K. T. Durant, M. D. Smith Predicting t he political sentiment of web log post s using supervised machine learning techniques coupled with feature selecion".lncs, 2007, pp [16]A.A.Zaidan, B.B.Zaidan, Anas Majeed, "High Securing Cover-File of Hidden Data Using Statistical Technique and AES Encryption Algorithm", World Academy of Science Engineering and Technology(WASET), Vol.54, ISSN: , P.P [17] A.A.Zaidan, Fazidah. Othman, B.B.Zaidan, R.Z.Raji, Ahmed.K.Hasan,and A.W.Naji," Securing Cover-File without Limitation of Hidden Data Size Using Computation between Cryptography and Steganography", World Congress on Engineering 2009 (WCE), The2009 International Conference of Computer Science and Engineering, Proceedings of the International Multi Conference of Engineers and Computer Scientists 2009, ISBN: , Vol. I, p.p [18] M.Abomhara, Omar Zakaria, Othman O. Khalifa,A.A.Zaidan, B.B.Zaidan, Enhancing Selective Encryption for H.264/AVC Using Advance Encryption Standard, International Journal of Computer and Electrical Engineering (IJCEE), ISSN: ,Vol.2, NO.2, April2010, Singapore. 2015, IJCSMC All Rights Reserved 565